This phishing kit was first brought to light by RiskIQ, a threat intelligence firm. According to RiskIQ, the adoption of this phishing kit has skyrocketed in the past month with over 700 domains, and of these domains 300 appeared in only the last week alone. According to the report, LogoKit targets users of renowned domains predominantly, OneDrive, Microsoft, and SharePoint. These kits are developed and designed to interact within Document Object Model (DOM), in the presentation layer (layer 6 of the 7-layer OSI model). The interconnection with DOM allows the script to change the visible content of the site as well as the HTML form data with no user interaction.
The threat intelligence firms added that the phishing tool kit relies on, like previous phishing kits, sending users phishing emails with links to their email addresses. Once the receiver navigates to the URL, the phishing tool kit quickly copies the company logo and elemental resources from the authentic site’s resource buckets, as well as mimics 3rd party services from the existing site. Once the victim enters their password, LogoKit performs an AJAX request, storing the victim’s password and email address, or login, then redirecting them to the authentic website. LogoKit phishing tools’ modularity and features allows the attacker to target any company with very little customization work by the attacker manually, which enables them to launch hundreds of attacks a week against the companies.
To avoid falling prey to such attacks, companies should focus on increasing cyber security awareness and training employees to recognize such phishing tactics. Both employees and employers should verify communications regarding their official account with the IT department.
For more news and updates visit https://blog.excellimatrix.com/
For any questions, reach us out on Facebook, & LinkedIn or Contact us. You can also drop a mail at sales@ExcelliMatrix.com for any discussion